From owner-freebsd-questions@FreeBSD.ORG Tue Feb 7 12:03:52 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8106110656D6 for ; Tue, 7 Feb 2012 12:03:52 +0000 (UTC) (envelope-from henry.olyer@gmail.com) Received: from mail-wi0-f182.google.com (mail-wi0-f182.google.com [209.85.212.182]) by mx1.freebsd.org (Postfix) with ESMTP id 196968FC21 for ; Tue, 7 Feb 2012 12:03:51 +0000 (UTC) Received: by wibhn14 with SMTP id hn14so7788893wib.13 for ; Tue, 07 Feb 2012 04:03:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; bh=j6Au9NaUyP8mAdwtTjBfKIXJcq985RcC3lUp+0VWnec=; b=iuvN1FyHr/qBK2w9xsjqXJEENMNCQEpsTPVtaM+NjFaTPc3fviMCykiOtrOOOvD7VN Qj/9epRoUM099HpQeO+5ZvCBv+GdXtHeui1/urjIT5m8qLr0gD/js7aU/AsLTYp6SfQn MEYm1eH6d2OOh8NxPpTjB/4PBiUztvyoEhrUs= MIME-Version: 1.0 Received: by 10.180.24.7 with SMTP id q7mr33646322wif.14.1328616231004; Tue, 07 Feb 2012 04:03:51 -0800 (PST) Received: by 10.216.184.198 with HTTP; Tue, 7 Feb 2012 04:03:50 -0800 (PST) Date: Tue, 7 Feb 2012 07:03:50 -0500 Message-ID: From: Henry Olyer To: FreeBSD Mailing List Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: on hammer's, security, and centrifuges... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Feb 2012 12:03:54 -0000 So I was coding along... On my laptop, on session #1, and I get a notice that someone did an su. Except I'm the only user and I didn't have an ethernet cord connected. (And no, it wasn't me...) I just built this laptop a few days ago. Fresh. I did have to get on the net to download/make/install a few critical packages. I do development. And research. My guess, not one shred of evidence, is that someone got in while I was re-building packages. Some, (for example Maxima,) take hours. And because of problems with gnuplot and pdflib, won't build as packages without re-compilation. Look, I'm going to use FreeBSD as long as both it and I am around, it's just the best choice for me, for my user's. But we need to improve security. I'm not a security expert, my work is in another area. But I would like to suggest that the FBSD be enhanced so that each load module, each compiled program, contain a DSA-based public key. Yes, this would make installing and maintaining systems an all-day run. But some of us need a higher degree of security than is presently available. For now, until I remake my laptop, I'm going to disable the ath0 wireless. How? What's the best method to make certain that my wireless chip is turned off? Or is this something best accomplished with a hammer? Not a pleasant thought... (Oh, and centrifuges?, well two out of three isn't bad. About centrifuges I got nothing.) Is their something I can do that would help the FBSD security people?, or, is hacking so routine that it wouldn't help to know the particulars. sigh...